[SystemSafety] Making Standards available .....

Chris Hills safetyyork at phaedsys.com
Sun May 15 21:01:20 CEST 2016


Hi All

-----Original Message-----
From: systemsafety
[mailto:systemsafety-bounces at lists.techfak.uni-bielefeld.de] On Behalf Of
paul_e.bennett at topmail.co.uk
Sent: 15 May 2016 13:27
To: martyn at thomas-associates.co.uk;
systemsafety at lists.techfak.uni-bielefeld.de
Subject: Re: [SystemSafety] Making Standards available .....

On 15/05/2016 at 1:15 PM, "Martyn Thomas" <martyn at thomas-associates.co.uk>
wrote:
>>
>> As a general question, do engineers (or others) really need this
>> (security) spelt out in a standard where current knowledge does
>> focus on security as an important partner to safety? Can best practice
>> evolve without a standard?

I know, from Chris Hills, that the MISRA-C are looking at including security
within their purview. Although 61508 was aimed at safety it does have some
valid input on risk reduction, and security is one of the identifiable
hazards for which risk reduction methods need to be applied. 

We probably have a sufficient number of standards although some cross
referencing between them would be useful. I am one who does not apply a
standard without filtering the requirements into a form that is usable
within my own process.

[CAH] We (MISRA-C WG) found, looking at ISO Secure C and CERT-C, that
MISRA-C already covers large parts of both. For the ISO Secure-C we only
needed a few more rules to cover all of it. This document we are issuing
this coming week (May 2016). We are also looking at the CERT-C coverage.
At a source code level safety and security are often the same thing or
sometimes two sides of the same coin. Much of it is down to
implementation. MISRA-C tends to stop you doing silly things, whereas some
standards try and deal with the problem when you have done something silly.
It is source or sink. By tackling the source MISRA-C hopes to simplify
both the code and the threats.

Unfortunately, recent experience with the IoT Security Foundation
(www.iotsecurityfoundation.org) shows that many current "connected"
consumer items contain software with obvious security flaws that were known
about when I was hac^H^H^H experimenting :-) in the early 1980s with
modems and acoustic couplers! Sadly the average programmer is
ill-disciplined, lacking knowledge and trying to prove they are clever.

Standards and Good Practice(tm) are all well and good but it is estimated
that 50% of C programmers still don't see the need for static analysis.
THAT is how much education is needed in the Sw world.  (I blame the teachers
:-) 


Regards
  Chris 


